You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Bharat Kumar (JIRA)" <ji...@apache.org> on 2013/06/25 08:09:20 UTC

[jira] [Commented] (CLOUDSTACK-2953) [Multiple_IP_Ranges] VM does not get the public key from VR incase of multiple subnets per vlan

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-2953?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13692775#comment-13692775 ] 

Bharat Kumar commented on CLOUDSTACK-2953:
------------------------------------------

Earlier we used to use the eth0 ip of the router to get the public key. now with the multiple subnets the user data needs to be accessed by the name data-server instead of the eth0 ip. 

We used to fetch the eth0 ip of the router from the dhcp files in the VM. For VMs in new subnet this will be one of the ipalises on the router eth0 interface. using this ip to access user-data will not work for new subnets as the service is not running on the alias ips. so we now use a name data-server to access the user-data and public key . The name gets resolved by the dnsmasq to the primary ip of the eth0 interface .

                
> [Multiple_IP_Ranges] VM does not get the public key from VR incase of multiple subnets per vlan
> -----------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-2953
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2953
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Management Server
>    Affects Versions: 4.2.0
>         Environment: Setup: Basic zone with xen cluster
> Build: Laset master build
>            Reporter: Sanjeev N
>            Assignee: Bharat Kumar
>            Priority: Critical
>             Fix For: 4.2.0
>
>
> VM does not get the public key from VR incase of multiple subnets per vlan
> Steps to Reproduce:
> ================
> 1.Bring up CS in basic zone with xen server
> 2.Add guest ip ranges in two CIDRs in the same vlan
> 3.Generate ssh key pair using follwoing api:
> http://10.147.59.119:8096/client/api?command=createSSHKeyPair&name=test2&account=admin&domainid=1
> 4.Register a template to CS which has ssh key reset script copied.
> 5.Deploy two guest vms with ip addresses from both the CIDRs with the key pair generated above
> Expected Behavior:
> ===============
> In both the VM's authouried keys file should contain the public key and key based access to vm should succeed.
> Actual Result:
> ============
> Guest vm deployed with ip address from first cidr able to fetch the public key but not the other vm.
> Observations:
> ===========
> On VR web service is running on port 80 with ip address from the primary subnet but not with the alias ip , hence fetching keys from the VR with alias ip address failed.
> [root@ceddb099-8fee-462f-9520-c01b57762e4d ~]# wget http://10.147.43.131/latest/public-keys
> --2013-06-12 10:02:49--  http://10.147.43.131/latest/public-keys
> Connecting to 10.147.43.131:80... failed: Connection refused.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira